Category Configurations checks

WebTest 1.2.1 - Testing Web Application with Python

WebTest helps you test your WSGI-based web applications. This can be any application that has a WSGI interface, including an application written in a framework that supports WSGI (which includes most actively developed Python web frameworks – almost anything that even nominally supports WSGI should be testable).

Read More

Lansweeper v4.0 released

Lansweeper is an automated network discovery and asset management tool which scans all your computers and devices and displays them in an easy accessible web interface.
There is no need to install any agents on the computers, all scanning is done by standard build-in functionality.

Read More

Sysinternal AccessChk v5.0 released

AccessChk, a command-line tool for viewing the effective permissions on files, registry keys, services, processes, kernel objects, and more.

Read More

Spiceworks v4.7 build 50667 released

Spiceworks is the complete network management & monitoring, helpdesk, PC inventory & software reporting solution to manage Everything IT in small and medium businesses.

Read More

NSIA (Network System Integrity Analysis) v0.8.99 released

The ThreatFactor NSIA is a website scanner that monitors websites in realtime in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. ThreatFactor detects issues remotely and therefore requires no software to install, does not introduce any latency and will not interrupt business operations.

Read More

Testing the systems highload with StressLinux v0.5.111

stresslinux is a minimal linux distribution running from a bootable cdrom, usb, vmware or via PXE (wip).
stresslinux makes use of some utitlities available on the net like: stress, cpuburn, hddtemp, lm_sensors ...
stresslinux is dedicated to users who want to test their system(s) entirely on high load and monitoring the health.

Read More

SIP Inspector v1.10 released

SIP Inspector is a tool written in JAVA to simulate different SIP messages and scenarios. You can create your own SIP signaling scenarios, customize SIP messages and monitor incoming and outgoing messages. The tool can play RTP streams from a pcap file.

Read More

OWASP Code Crawler v2.7 released

A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code review Guide and to implement a total code review solution for "everyone".

Read More

OpenSCAP v0.5.9 released

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.

Read More

x5s Beta released - Automated XSS security testing assistant

x5s is a Fiddler addon which aims to assist penetration testers in finding cross-site scripting vulnerabilities. It’s main goal is to help you identify the hotspots where XSS might occur by:

  • Detecting where safe encodings were not applied to emitted user-inputs
  • Detecting where Unicode character transformations might bypass security filters
  • Detecting where non-shortest UTF-8 encodings might bypass security filters
Read More

Security-Database integrates CAPEC v1.5

Common Attack Pattern Enumeration and Classification (CAPEC) provides a a publicly available catalog of attack patterns along with a comprehensive schema and classification taxonomy. The CAPEC assists in enhancing security throughout the software development lifecycle, and to support the needs of developers, testers and educators

Read More

log2timeline updated to v0.43

log2timeline is a framework for artifact timeline creation and analysis. The main purpose is to provide a single tool to parse various log files and artifacts found on suspect systems (and supporting systems, such as network equipment) and produce a body file that can be used to create a timeline, using tools such as mactime from TSK, for forensic investigators.

Read More

PyLoris Denial of Service Web Testing v3.0 in the wild

PyLoris is a tool for testing a web server’s vulnerability to a particular class of Denial of Service (DoS) attacks. It uses the Slowloris method; by using all available connections, web servers cannot complete valid requests.

Read More

Splunk the IT Log Management Software v4.1 released

Splunk is software that provides unique visibility across your entire IT infrastructure from one place in real time. Only Splunk enables you to search, report, monitor and analyze streaming and historical data from any source.

Read More

CMS Explorer v1.0 released - Discover the CMS components behind the site -

CMS Explorer is designed to reveal the the specific modules, plugins, components and themes that various CMS driven web sites are running.

Read More

Buck Security - Checks for Debian Linux - v0.5 released

Buck Security is a collection of security checks for Linux. It was designed for Debian and Ubuntu servers, but can be useful for any Linux system. The aim of Buck Security is, to allow you to get a quick overview of the security status of your system. As a linux system administrator - but also as a normal linux user - you often wonder if your system is secure

Read More

Spiceworks v4.6.48961 released

Spiceworks is the complete network management & monitoring, helpdesk, PC inventory & software reporting solution to manage Everything IT in small and medium businesses.

Read More

Flint the Firewall Rules Checkup Scanner updated to v1.0.4

Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can:

  • CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can’t match traffic.
  • ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules
  • SANITY CHECK CHANGES to see if new rules create problems.
Read More

Process Explorer v12 released

Process Explorer is an advanced process management utility that picks up where Task Manager leaves off. It will show you detailed information about a process including its icon, command-line, full image path, memory statistics, user account, security attributes, and more. When you zoom in on a particular process you can list the DLLs it has loaded or the operating system resource handles it has open. A search capability enables you to track down a process that has a resource opened, such as a file, directory or Registry key, or to view the list of processes that have a DLL loaded.

Read More

OpenScap v0.5.8 released - OVAL API extended

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.

Read More
1 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8

SSA 1.6 Beta 2 released

Read More

SSA Security System Analyzer version 1.6 beta 1 released

Read More
1